Archive | March, 2012

Avira Joins The Crowd & Starts To Offer Mac Antivirus Software

Find your website's Achilles' Heel

For years the Apple geeks were always self-praising and postulating that their OS was so secure and superior that it didn’t need any silly Anti Virus software. Things changed a couple of years back though, probably in 2009 when Mac OS X Snow Leopard Bundled With Malware Detector.

Not long after that the commercial crowd starting moving into the Mac anti virus arena – in 2010 Sophos Launched a FREE Anti-Virus Software For Mac.

And last year in 2011, it was claimed that Mac Malware was Becoming a Serious Threat. The latest entrant into this area is Avira.

German security company Avira has released free antivirus software for Apple Macs, joining a host of security software providers offering protection for OS X.

Avira said Apple’s market share for computers has increased, which has been followed by an increase in malicious software programs. The company said the product will not contain advertising or marketing pop-up ads.

Many of the top security software companies offer security software for Macs, with some for free. Kaspersky Lab, Intego, PC Tools, Symantec, McAfee and Trend Micro all offer paid security software, while Sophos offers its Mac product for free.

Apple has marketed itself as inherently more secure than Windows. Security experts have said its platform is just as prone to software vulnerabilities as other operating systems, but Windows is targeted more due to its high market share.

Again it’s a free offering, I guess Avira wants to move into the market too before anyone else like Sopho/Mcafee/Symantec manages to dominate it. With the Apple marketshare growing it’s a wise move to get in before they get excluded.

It’s an interesting move to offer free software though, perhaps they just want to use it as a bait and if the Mac market grows enough they can release a paid for ‘premium version’.

In a sign of the increasing prevalence of Mac malware, Apple rolled out an antimalware tool called XProtect in 2009, which is periodically updated to detect new malware.

Avira also released an application for Android phones that can remotely lock or locate a device as well as erase its data. Using a web-based interface, the phone’s owner can display a “call owner” message on the device with a number.

A missing Android device can be plotted on Google Maps. It can also be commanded to make a loud sound for 20 seconds, Avira said. Up to five phones can be managed remotely. The application is free and works with Android 2.2, known as Froyo, and 2.3, nicknamed Gingerbread.

And as we all know, OSX isn’t really any more secure than Windows – it just so happens the marketshare and pure mass of Windows users is so large that it makes a lot more sense to target them. Plus Mac users tended to be more tech savvy (a few years back before all the clueless hipster douchebags jumped on the Apple bandwagon) so they kept their software up to date.

Mac malware is becoming a serious threat though and I’d suggest any of you using Macs may want to consider installing some kind of AV software.

Source: Network World

Posted in: Apple, Countermeasures, Malware, Security Software

Tags: , , , , , , , , , , , , , , ,

Posted in: Apple, Countermeasures, Malware, Security Software | Add a Comment
Recent in Apple:
- Apple Will Not Patch Windows QuickTime Vulnerabilities
- FBI Backed Off Apple In iPhone Cracking Case
- Mac OS X Ransomware KeRanger Is Linux Encoder Trojan

Related Posts:

Most Read in Apple:
- KisMAC – Free WiFi Stumbler/Scanner for Mac OS X - 83,078 views
- Apple Struggling With Security & Malware - 24,147 views
- Java Based Cross Platform Malware Trojan (Mac/Linux/Windows) - 16,012 views

SSLyze v0.4 Released – Scan & Analyze SSL Server Configuration

Find your website's Achilles' Heel

SSLyze is a Fast and Full-Featured SSL Scanner – it enables Better, faster scanning to analyze the configuration of SSL servers.

Supports cipher suites scanning, insecure renegotiation verification, session resumption testing, client certificates, and more. Tested on Python 2.6 & 2.7 with Ubuntu and Windows 7, both 32 and 64 bits. Might work on other platforms as well. Based on OpenSSL and a custom SSL Python wrapper.

We first mentioned SSLyze when it popped up last year in December –

sslyze – Fast and Full-Featured SSL Configuration Scanner

New in v0.4

  • Support for OpenSSL 1.0.1 and TLS 1.1 and 1.2 scanning. See –tlsv1_1 and –tlsv1_2.
  • Support for HTTP CONNECT proxies. See –https_tunnel.
  • Support for StartTLS with SMTP and XMPP. See –starttls.
  • Improved/clarified output.
  • Various bug fixes.

You can download SSLyze v0.4 here:

Or read more here.

Posted in: Countermeasures, Network Hacking, Web Hacking

Tags: , , , , , , , , , , ,

Posted in: Countermeasures, Network Hacking, Web Hacking | Add a Comment
Recent in Countermeasures:
- Securing MySQL Installation on Ubuntu 16.04 LTS
- Scirius – Suricata Ruleset Management Web Application
- Raptor WAF – C Based Web Application Firewall

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,319 views
- Password Hasher Firefox Extension - 117,912 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,757 views

eLearnSecurity Launches Newly Updated & Refreshed Penetration Testing Professional Training v2

Your website & network are Hackable


It’s been a while since we’ve mentioned this course, of course since we mentioned it back in May 2010 – eLearnSecurity – Online Penetration Testing Training – eLearnSecurity has been making continuous improvements to the course-ware and the subject matter.

But now in 2012, it’s time for them to release their major facelift – Penetration Testing Professional Version 2.


The crew over at eLearnSecurity has drastically improved the overall course material, and if you are familiar with the first iteration you can see they’ve put a lot of effort into it.

Whats New With v2

There’s a lot of new stuff 4 hours of new up to date videos, 800 new slides and even completely new modules – with a makeover on all material.


All new material is now based on Backtrack 5 and Metasploit 4.2/4.3 – so you don’t have to worry about learning to use outdated tools and techniques. Some of the changes/additions are below:

  • The first two sections of the course (Network & System Security) have seen the most changes. Whilst the Web Application security section has undergone a content review but has had no new additions in terms of contents.
  • The use and the samples within the course have been updated to match the new features of the most important tools: Metasploit, Maltego, SET, Nmap and others.
  • Many new tools like FOCA, ShodanHQ, ncrack, Immunity Debugger, HPing2 have been added and covered in-depth within the new videos.
  • The slide deck has been completely redone and significant improvements have been made in readability and usability. You will now find immediate access to videos contained in each module and also references for further reading about each topic.
  • Hera Lab is the new virtual lab that our students can access through VPN to practice all the techniques related to system security and network testing.
  • A very detailed and in-depth analysis of Windows authentication protocols such as LM, NTLMv1 and NTLMv2 is provided through videos and real world examples that the student can test against the Hera Lab machines (This is a completely new chapter).

A lot of feedback has been gathered from the students and users of the course-ware and those have been implemented in this new version to enable faster, more efficient learning.

The Course – Details About The New Stuff!

The training course is still divided in three main knowledge domains:

  1. System Security
  2. Network Security
  3. Web Application Security

System Security (& Exploit Development)

This section covers:

  • Module 1: Introduction
  • Module 2: Cryptography and Password Cracking
  • Module 3: Buffer Overflow
  • Module 4: Shellcoding
  • Module 5: Malware
  • Module 6: Rootkit coding

This section included some of the simplest explanations of Exploit development and shell-coding available today, however it has been further improved with more samples, videos and tools that aid in the process of exploitation.

The videos are really clear, move at a good pace and have a very easy to follow voice-over – you can see the video demo running Metasploit on BackTrack 5.


More C++ and ASM basics are covered in the Introductory model and this should lower the entrance barrier for someone without these kinds of skills. The contents in this section are a lot better organized now and much easier to understand in practice thanks to a Virtual Machine pre-built with C++ compilers, Assemblers, Debuggers, Disassemblers and all the samples included throughout the section.

The Virtual Machine is available within Hera Lab and accessible in VPN/RDP. This drastically minimize the time required to the student to configure the environment. The good part is that the student is also taught how to configure the environment on his own machine for use even after the Lab time expires.

Network Security testing

This section covers:

  • Module 1: Information Gathering
  • Module 2: Scanning
  • Module 3: Enumeration
  • Module 4: Sniffing and MITM attacks
  • Module 5: Exploitation
  • Module 6: Post-exploitation
  • Module 7: Anonymity
  • Module 8: Social Engineering

4 out of 8 modules in this section have undergone major changes, the Information Gathering module in v1 had some overlapping information with Information Gathering module in Web Application security so it really required a re-work.

The Information Gathering module has been completely redone from scratch and has been created systematically along side a methodology which will allow you to thoroughly investigate a target organization from a business and technical perspective.

At the end of the module students can practice all the business related investigation techniques against a fictitious company created by eLearnSecurity with an actual web presence and documents available online. This real world exercise and the Information Gathering lab included in Hera Lab, makes this module a very hands on module.

The Port Scanning module now includes techniques to evade IDS’s and Firewalls as well as an in depth study of the Idle Scan technique that most of the times goes unused even by experienced pentesters. The author decided to use HPing2 to first demonstrate the technique at low level and then Nmap.

Exploitation module is now not just an introduction to the use of Metasploit but offers some great coverage of:

  • Low hanging fruits – Weak or non-existent authentication in network services like RDP or SSH
  • Windows Authentication Protocols Weaknesses
  • More advanced Client side and Remote exploitation

The exploitation module also contains a thorough review of the Java Rhino client side exploit with two videos on how to use it against Windows and Linux by modifying SET and mount a fairly complex attack.

But the part that shines the most in v2 of this training course is the Post Exploitation module that provides a clear cyclic process in 4 steps to escalate privileges, maintain access, harvest internal documents or credentials and exploit and infiltrate further internal networks through pivoting.

The depth of the information in section and the logical flow with which it has been assembled shows the stark difference between free stuff you can find online and a course you need to pay for.


It’s a great update to an already very strong course, I honestly can’t wait to see where they take it next. I want to clear some time to check out Hera Lab properly and get a hands on feel of what they are doing with that.

Remember if you are looking for something more basic/entry level – there is also the Penetration Testing – Student Course/Training by eLearnSecurity.

eLearnSecurity crew has confirmed to me that they are going to add new labs and scenarios every month to cover new parts of the training material and new tools that will be released in the future.

The feedback they’ve gotten on the first version is testament enough, over 2,000 professionals from 81 different countries worldwide have taken the first version of the training course.

Total price of the Penetration Testing Professional Training v2 + eCPPT Certification Exam + 30 days access or 30 hours usage time of Hera Lab is $699.

Find out more here:

Posted in: Advertorial, General Hacking

Tags: , , , , , , , , , , , , , , ,

Posted in: Advertorial, General Hacking | Add a Comment
Recent in Advertorial:
- An Introduction To Web Application Security Systems
- Everything You Need To Know About Web Shells
- Web Application Log Forensics After a Hack

Related Posts:

Most Read in Advertorial:
- eLearnSecurity – Online Penetration Testing Training - 42,112 views
- Acunetix Web Vulnerability Scanner 6 Review - 15,358 views
- Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements - 15,217 views

MS12-020 RDP Exploit Code In The Wild

Your website & network are Hackable

The big news that erupted towards the end of last week was about the latest pretty serious vulnerability patched quietly by Microsoft, AKA MS12-020 (which plenty of people are using to bait skiddies into downloading dodgy code).

The flaw is in the RDP (Remote Desktop Protocol) service – which is a pretty bad service to have a flaw in as it’s generally exposed over the Internet – as that’s the whole point of it (remote access huhu).

It reminds me of the predecessor to RDP – TS (Terminal Services) – who remembers that one? And TSGrinder of course..

Luigi Auriemma, the researcher who discovered a recently patched critical vulnerability in Microsoft’s Remote Desktop Protocol (RDP), published a proof-of-concept exploit for it after a separate working exploit, which he said possibly originated from Microsoft, was leaked online on Friday.

Identified as CVE-2012-0002 and patched by Microsoft on Tuesday, the critical vulnerability can be exploited remotely to execute arbitrary code on systems that accept RDP connections.

Security experts have expressed concern because exploiting this vulnerability does not require authentication, which means that it can be used to create a computer worm.

However, the fact that RDP is disabled by default on Windows workstations limits the number of potential targets, so we shouldn’t worry about the next Conficker, said Carsten Eiram, chief security specialist at Danish vulnerability research firm Secunia.

Even so, the vulnerability still presents an interest for attackers because the RDP service is commonly used in enterprise environments and is usually accessible through firewalls.

“This is an attractive vulnerability from an exploitation standpoint and various parties are spending significant resources on developing reliable exploits for this,” Eiram said.

The upside? RDP is disabled by default, and most home users wouldn’t even know what it is. So I think we are pretty safe from some kind of mass infection worm type malware spawning from this vulnerability. Also, right now only the PoC code is out there, not an actual working exploit – that keeps us safe from the people dealing with low hanging fruit.

The downside? A LOT of businesses use RDP for support, desktop management and so on – and it’s quite often exposed to the Internet facing interfaces. Not a good idea, but since when did corporates make smart security decisions? Plus I don’t think it will take a massive amount of time for someone nefarious character to convert the PoC into a working exploit.

Creating a working exploit for the CVE-2012-0002 vulnerability is not trivial, Microsoft security engineers Suha Can and Jonathan Ness said in a blog post on Tuesday. “We would be surprised to see one developed in the next few days. However, we expect to see working exploit code developed within the next 30 days.”

However, an exploit appeared earlier Friday on a Chinese file hosting website, and its creator is most likely Microsoft itself, Auriemma said. “The executable PoC [proof-of-concept exploit] was compiled in November 2011 and contains some debugging strings like MSRC11678, which is a clear reference to the Microsoft Security Response Center (MSRC).”

Furthermore, the exploit sends a special packet that is identical to the one the researcher included in his report to ZDI (Zero Day Initiative), a program that pays researchers for vulnerability reports and later shares the details with the affected vendors. Auriemma is sure it’s the same packet because it contains unique elements that he added to it.

The researcher believes that Microsoft created the exploit for internal testing and then shared it with other security vendors through its Microsoft Active Protections Program (MAPP) to enable them to create attack and malware signatures.

The file might have been leaked by one of those companies or by a Microsoft employee, either directly or indirectly, Auriemma said. There is also the possibility of a hacker stealing it from Microsoft, but that’s unlikely, he added.

It seems it was the same PoC code that was originally submitted to Microsoft, as confirmed by a Microsoft representative in a blog post here:

Proof-of-Concept Code available for MS12-020

The details of the proof-of-concept code appear to match the vulnerability information shared with Microsoft Active Protections Program (MAPP) partners. Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements.

So much for trusted partners eh?

Source: Network World

Posted in: Exploits/Vulnerabilities, Windows Hacking

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment
Recent in Exploits/Vulnerabilities:
- Mirai DDoS Malware Source Code Leaked
- mimikittenz – Extract Plain-Text Passwords From Memory
- Massive Yahoo Hack – 500 Million Accounts Compromised

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 236,137 views
- AJAX: Is your application secure enough? - 120,319 views
- eEye Launches 0-Day Exploit Tracker - 85,800 views

backfuzz – Multi-Protocol Fuzzing Toolkit (Supports HTTP/FTP/IMAP etc)

Your website & network are Hackable

backfuzz is a fuzzing tool for different protocols (FTP, HTTP, IMAP, etc) but also has no-protocol plug-ins (Example: File Fuzzer). The general idea is that this script has several functions already predefined in the file “”, so whoever wants to write their own plugin’s (for another protocol) you can do so in a few lines and add it to the script.

That’s the main power of it, it’s extensible. You can follow the format of existing plugins – for example the HTTP fuzzing plugin.

The code is still in BETA and requires a lot of work to get better, so any questions / suggestions / criticism / comment are welcomed by the author.

backfuzz - Multi-protocol Fuzzing Toolkit


You can read more here.

Posted in: Exploits/Vulnerabilities, Programming

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment
Recent in Exploits/Vulnerabilities:
- Mirai DDoS Malware Source Code Leaked
- mimikittenz – Extract Plain-Text Passwords From Memory
- Massive Yahoo Hack – 500 Million Accounts Compromised

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 236,137 views
- AJAX: Is your application secure enough? - 120,319 views
- eEye Launches 0-Day Exploit Tracker - 85,800 views

Former LulzSec Leader Sabu Flips Sides & Informs For The FBI

Your website & network are Hackable

This is pretty epic, the big buzz last week was all about Sabu and how he was a traitor to LulzSec and Anonymous.

Now most people think things like these only happen in the movies, secret arrests followed by strong-arm tactics to make the perp turn and be an informant for the feds. Sounds like a line straight out of the The Shield or Homeland.

It turns out the LulzSec leader was arrested some time last year and has been an informant for the FBI since then

In a major break for law enforcement, several members of the LulzSec and Anonymous hacking groups were arrested this morning based on information provided by “Sabu,” the shadowy LulzSec leader who was secretly arrested last year.

Sabu, LulzSec’s main spokesman who was identified today by as Hector Xavier Monsegur, has been working as an informant for the FBI since his arrest. Those arrested today included a member of the AntiSec hacking group who is believed responsible for the massive intrusion at security think tank Stratfor last December.

News of the arrests, was first reported by this morning. A law enforcement official in New York today confirmed the arrests and said that six hackers belonging to the Anonymous, LulzSec and Antisec groups were nabbed in U.S. and overseas locations. The official described those arrested as “principal members” of Anonymous and LulzSec.

The U.S. Department of Justice has scheduled a press conference this morning to release further details on the arrest, the official said. According to FoxNews, the FBI arrested two men from Great Britain, two from Ireland, and one from Chicago.

An indictment listing the charges is expected to be unsealed today in U.S. District Court for the Southern District of New York, FoxNews said.

A whole bunch of arrests were made today based on the information Sabu has been feeding to the feds, some pretty serious characters were taken down. Apparently Sabu was caught in the first place because of a rookie mistake – he logged onto IRC just once without using Tor and exposed his real IP address.

That was all it took for the feds to hunt him down and leverage him as an informant, and the fact he has kids – and well who wouldn’t want to stay out of prison for their offsprings? described Monsegur as an unemployed 28-year old father of two who apparently coordinated with thousands of hackers around the world from a room in a public housing project in New York’s Lower East Side. Monsegur, who was arrested by the FBI last year, pleaded guilty to several charges related to his hacking activities and has been a cooperating witness since then, according to Fox.

LulzSec, an offshoot of the Anonymous hacking collective, is believed to be responsible for numerous attacks against government, military and commercial entities. The group is said to be responsibile for a series of attacks last summer for a series of attacks against News International, Booz-Allen Hamilton and other high-profile organizations.

After the FBI arrested several members of Anonymous last July, LulzSec and Anonymous released a joint statement vowing not to let the arrests dampen their hacking attacks and daring law enforcement to catch them.

“We are not scared any more,” the joint statement had read. “Your threats to arrest us are meaningless to us as you cannot arrest an idea.”

Sabu appears to have been arrested by the FBI shortly after that boast.

News of Sabu’s arrest prompted several tweets from Anonymous this morning, including one that threatened retaliation. “The way Sabu & gang took control of Anonops.. anonops gonna retaliate,” the tweet said.

Sabu seems to have working from the FBI office, maintaining his online habits and conversations since August last year – whilst the feds sneakily collected information from the people he was talking to.

He even got busted last month for pretending to be a Federal Agent.

It’ll be interested to see how this pans out and if many more arrests will be made.

Source: Network World

Posted in: Legal Issues, Privacy

Tags: , , , , , , ,

Posted in: Legal Issues, Privacy | Add a Comment
Recent in Legal Issues:
- Two Israeli Men Arrested For Running DDoS Service
- Criminal Rings Hijacking Unused IPv4 Address Spaces
- The Panama Papers Leak – What You Need To Know

Related Posts:

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,732 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,670 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,636 views

Goofile v1.5 – Search For A Specific File Type In A Given Domain.

Find your website's Achilles' Heel

Use this tool to search for a specific file type in a given domain – inspired by TheHarvester.


-d: domain to search
-f: filetype (ex. pdf)

Written in Python and tested on 2.5 and 2.7.

Please submit any bug reports or requests to the author.

You can download Goofile v1.5 here:

Or read more here.

Posted in: Hacking Tools, Privacy, Web Hacking

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Privacy, Web Hacking | Add a Comment
Recent in Hacking Tools:
- nishang – PowerShell For Penetration Testing
- DyMerge – Bruteforce Dictionary Merging Tool
- mitmproxy – Intercepting HTTP Proxy Tool aka MITM

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,995,254 views
- Brutus Password Cracker – Download AET2 - 1,489,748 views
- wwwhack 1.9 – Download Web Hacking Tool - 688,805 views

Hacker On Hacker Action – Zeus Botmaster Targets Anonymous Supporters

Find your website's Achilles' Heel

It somehow reminds me of the oldskool game Spy vs Spy, anyone remember that? Anyhow, that’s off-topic right now.

The news is, some smart malware pimp managed to dupe a whole bunch of Anonymous supporters into installing the Zeus botnet – when they thought they were getting a DDoS tool.

It’s a pretty big base to go after, plus people would generally ignore any malware warnings their Anti-Virus might pop-up when they were running the tool as most DDoS tools and hacking kits are flagged by AV software – smart move if you ask me.

Hackers have duped supporters of the Anonymous group into installing the Zeus botnet, which steals confidential information from PCs, including banking usernames and passwords, security researchers said last week.

According to Symantec, someone modified a link to a popular distributed denial-of-service (DDoS) attack tool to direct users to a Zeus bot Trojan instead.

The replacement of a Zeus client for the “Slowloris” DDoS tool took place on the day after Anonymous launched strikes against websites operated by the U.S. Department of Justice, the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), and others in retaliation for the arrest of four men associated with the popular Megaupload “cyberlocker” site on charges of copyright infringement, money laundering and racketeering.

In a post last Friday to the Symantec security response team’s blog, the firm described how unknown hackers modified a message on PasteBin, changing the link to a Trojanized version of Slowloris.

Anonymous supporters have, unwittingly or not, pointed others to altered PasteBin message that includes the link to the Zeus bot. The Twitter account “YourAnonNews,” which has almost 550,000 followers, was just one of many that tweeted a link to the altered PasteBin message, said Symantec.

Through mid-February, Symantec had counted over 26,000 views of the PasteBin message and over 400 individual tweets referencing its URL.

There were some pretty big pimps of the malicious link too with the Twitter account @YourAnonNews being one of the major ones (over half a million followers).

With over 400 tweets referencing the URL and over 25,000 views – the person who pulled this off probably masterminded a whole bunch of fresh infections.

And as Zeus targets banking details, he could have gotten a pile of cash out of it too.

While the Trojanized Slowloris does conduct DDoS attacks — at times under the behest of the hackers who control the botnet — it also steals website cookies, login information for financial institutions and other user account credentials from infected PCs, then transmits the information to a command-and-control (C&C) server.

“Not only will supporters be breaking the law by participating in attacks on Anonymous hacktivism targets, but [they] may also be at risk of having their online banking and email credentials stolen,” said Symantec.

The Zeus ploy wasn’t the first time that Anonymous supporters have been tricked.

In January, hard on the heels of the retaliatory attacks against the Department of Justice website, U.K.-based security company Sophos said members of Anonymous distributed links via Twitter and elsewhere that when clicked automatically launched a Web version of LOIC, or Low Orbit Ion Cannon, another DDoS tool.

Many of those messages said nothing about LOIC or that clicking the link shanghaied the user into the then-ongoing DDoS attack, said Sophos.

Authorities have staged numerous arrests of Anonymous members and supporters on charges that they participated in DDoS attacks against targets in the U.S. and other countries.

Last week, an Interpol-organized sweep netted 25 suspected members of the hacking group in Argentina, Chile, Columbia and Spain.

Anonymous supports are getting arrested all over the World and now they are being targeted by malware pushers. As if we didn’t already know, being a supporter of the Anonymous movement is risky business – so if you do participate – please be careful.

On another note, some of the new versions of LOIC are pretty damn cool – some people are coding the hell out of it. Check this one out on Github (which also got owned recently coincidentally):


Source: Network World

Posted in: Malware, Social Engineering

Tags: , , , , , , , , , , ,

Posted in: Malware, Social Engineering | Add a Comment
Recent in Malware:
- CuckooDroid – Automated Android Malware Analysis
- Android Malware Giving Phones a Hummer
- Cuckoo Sandbox – Automated Malware Analysis System

Related Posts:

Most Read in Malware:
- Nasty Trojan Zeus Evades Antivirus Software - 77,559 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,670 views
- US considers banning DRM rootkits – Sony BMG - 45,001 views